Actions34
- Devices Actions
- Endpoints Actions
- Guest Users Actions
- Local Users Actions
Overview
The "Replace By MAC" operation in the Devices resource of this Aruba ClearPass node allows users to replace or update a device account identified by its MAC address within the Identities domain. This operation is useful for managing network devices by updating their associated roles, status, and metadata based on their unique MAC addresses.
Typical use cases include:
- Updating device roles when a device changes its function or user group.
- Enabling or disabling device accounts dynamically.
- Modifying device metadata such as visitor names, sponsor information, or custom fields for better network policy enforcement.
For example, a network administrator can replace a device's role and enable it with specific start and expiry times, ensuring that the device has appropriate access rights during a defined period.
Properties
| Name | Meaning |
|---|---|
| Domain | API domain to access. Options: Identities, Policy Elements, Enforcement Profile. For this operation, must be Identities. |
| MAC Address (mac) | The MAC address of the device to replace/update. This uniquely identifies the device account to be replaced. |
| Role ID | Numeric identifier of the role to assign to the device account. |
| Additional Fields | Optional additional properties to set on the device account: - Role Name: Name of the role. - Enabled: Whether the account is enabled (boolean). - Start Time: When the account becomes active (ISO 8601). - Expire Time: When the account expires (ISO 8601). - Visitor Name: Display name for the account. - Sponsor Name: Name of the sponsor. - Sponsor Profile: Numeric profile ID of the sponsor. - Notes: Comments or notes. - Source: Origin of the account. - Custom Fields: JSON object with custom key-value pairs. |
| Options | Additional options for the operation: - Change of Authorization: Whether to send a Disconnect-Request or CoA-Request to update the network state. Options: Use Default Setting, Yes, No. |
Output
The node outputs an array of items where each item contains a json field representing the response from the Aruba ClearPass API after performing the replace operation by MAC address. The structure of the JSON output depends on the API response but typically includes details of the updated device account such as its identifiers, assigned role, status, and any metadata fields.
This node does not output binary data.
Dependencies
- Requires an API key credential configured in n8n to authenticate with the Aruba ClearPass API.
- The node interacts with the Aruba ClearPass API endpoints corresponding to the Identities domain and Device resource.
- Proper network connectivity and permissions are required to perform device updates via the API.
Troubleshooting
Common issues:
- Invalid or malformed MAC address format may cause the API to reject the request.
- Insufficient permissions or invalid API credentials will result in authentication errors.
- Specifying a non-existent Role ID or Role Name may cause the operation to fail.
- Network connectivity issues can prevent successful API calls.
Error messages:
- Authentication errors usually indicate problems with the API key or credential setup.
- Validation errors from the API often specify which input property is incorrect or missing.
- If "Continue on Fail" is enabled, errors are returned as part of the output JSON under an
errorfield instead of stopping execution.
To resolve errors:
- Verify the MAC address format and correctness.
- Ensure the API key credential is valid and has necessary permissions.
- Confirm that the Role ID exists in the system.
- Check network connectivity and API endpoint accessibility.
Links and References
- Aruba ClearPass API Documentation (general reference): https://www.arubanetworks.com/techdocs/ClearPass/
- n8n Documentation on Credentials and HTTP Request Nodes: https://docs.n8n.io/credentials/ and https://docs.n8n.io/nodes/n8n-nodes-base.httpRequest/